If you like to read our old blogs you are welcome, I4INFO
This CTF challenges were good and easy I didn't that good. I was able to solve 2 Questions that both were easy.
The web 50 was a simple md5 crypto challenge. You have phone keypad with you, it opens its lock when you enter the correct 4 digit password
When you look it to the source the challenge is quite easy to understand. You are given the salt, valid i.e md5(salt+answer)=valid. The problem is now very easy , I just want to find the answer, I wrote a python program for that.
Exploit:
import hashlib
valid ="a70f69cd94d70aaef0965fe1a1b4b0de"
salt ="405f57e46114e0319737ca54ed9247da"
for i in range(0,10000):
ch= ""
i=str(i);
if(len(i)<4):
for j in range(0,4-len(i)):
ch+=str(0)
i=ch+i
print "Count : " + i
m = hashlib.md5()
m.update(salt+i)
a = m.hexdigest()
print "md5 : " + a
if(a==valid):
print "Got code!!!"
break
Flag:9a1141fade36998789aa711ba8847b99
Thank you for reading the blog!